Understand privileged access management (PAM) in one article

With the increasing use of cloud storage, cloud computing, and the Internet of Things, as well as the continuous increase in the number of systems, users, and data, today's business environment and security risks have undergone tremendous changes. We need to change our security thinking and practices.


As the number of systems, users and data grows, strong identity and access management solutions, and the experts who run them, become more important for managing accounts and their access. In particular, privileged accounts, which provide the highest level of system access, are a main target of attackers.

Most data breach incidents show that privileged account passwords are leaked through social engineering or other means and then used to reach the most valuable functions and data in the system. Sometimes a user account with a lower level of authority is taken over first and then escalated to gain privileged access. When a legitimate account is used to access the system, the attack usually goes unnoticed for a few weeks, allowing the attacker to obtain the necessary information before taking action. To protect privileged accounts, their owners must be properly trained to protect their account passwords, multi-factor authentication must be used for access, and the accounts must be monitored to detect suspicious activity.

What is a privileged account

A privileged account is an account with higher access rights, allowing the owner of the account to access the most restricted areas of the system and perform highly privileged tasks. Just like a typical user account, a privileged account also requires a password to access the system and perform tasks.

Typical users of privileged accounts

Privileged accounts can be used by people or systems. IT professionals usually use privileged accounts (such as administrative accounts) to manage software, hardware, and databases. An example of a non-human privileged account is a system account with special permissions to run automatic tasks. Privileged account users can perform tasks such as installing software, accessing restricted areas, resetting passwords, and making other system changes.

Why privileged accounts bring risks

The problem with administrative and service accounts is that they are often shared, used across systems, and may use weak or default passwords, so they are easily stolen. Their wide use throughout the organization and their highly elevated access permissions make them key targets for attackers. In addition, the passwords of these accounts are usually shared and not changed frequently, and may even be weak passwords. Attackers have many specialized tools that can steal these passwords. Hijacking a privileged account enables attackers to access and download the most sensitive data in the organization, distribute malware, bypass existing security controls and clear audit trails to hide their activities.

Industry analysts estimate that up to 80% of security breaches involve the disclosure of privileged account passwords, and that most compromised systems go undiscovered for more than 200 days. One of the main reasons passwords are easily stolen is that more than 20% of companies have not changed well-known default passwords such as "admin" and "12345". To complicate the problem, account owners use the same password for multiple different accounts.

Attackers use these weaknesses to escalate their existing permissions, access systems, data and key management functions, and hide their activities.


Consequences of compromised privileged accounts

A privileged account is a powerful account that has all access rights to the system. An attacker who controls one can perform malicious activities, steal sensitive information and conduct financial fraud, and is often not discovered until a long time later. After compromising the system, attackers usually use their access rights to observe the system for a period of time and learn the users' activities. In the end, the attacker gains an accurate understanding of the target system. Depending on their motives, attackers can use a privileged account to perform the following operations:

  • Change system functions,
  • Disable access for certain accounts,
  • Elevate the access rights of certain accounts,
  • Steal sensitive data for fraud, blackmail or retaliation,
  • Corrupt data,
  • Inject wrong code or malicious software.

How the privileged account password was stolen

Up to 80% of breaches are caused by stolen passwords. Attackers' favorite way to compromise privileged access is to steal account credentials. Malware or social engineering may be used to steal account information and gain unauthorized access. Employees are often fooled by phishing scams that ask them to click on links, download attachments with hidden malware, or enter passwords into forms on fake websites. In many cases, these scams appear to be legitimate requests from the employee's manager, company executives, or other trusted sources.

Notable security incidents and statistics

  • In 51% of cases, the data breach threat companies faced came from criminal groups, while the threat from state-affiliated actors accounted for only 18%.
  • More than 60% of breaches involved hacking.
  • 81% of hacking-related breaches used stolen or weak passwords.
  • 43% of breaches involved social attacks (including phishing and counterfeiting).
  • 14% of breaches involved employee error, while another 14% involved abuse of privileges.
  • 51% of breaches included malware, 66% of which was sent as malicious email attachments.
  • 27% of breaches were discovered by third parties.

According to reports, JP Morgan Chase discovered in 2014 that attackers had been able to obtain “root” privileges on more than 90 of the bank's servers, which meant that they could take actions such as transferring funds and closing accounts. Internal information such as the names, addresses, phone numbers and email addresses of 76 million people and 7 million small businesses was stolen.

Privileged access management (PAM) tips

  • Identify privileged accounts,
  • Determine who needs access or has access,
  • Define when privileged accounts can be used,
  • Develop an incident response plan,
  • Monitor the activity of privileged accounts,
  • Choose a strong password and change it frequently. The privileged account password should be set to be very complex and stored securely. Never share them or use them to access multiple systems.
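The first and last tips can be turned into a repeatable check. The following is an added example, not part of the original article: it audits a constructed inventory of privileged accounts for the weaknesses named above (default passwords, reuse across accounts, sharing, infrequent changes, missing multi-factor authentication). The record fields, the audit key and the 90-day rotation limit are assumptions.

```python
import hashlib
import hmac
from collections import defaultdict
from datetime import date

AUDIT_KEY = b"constructed-audit-key"  # assumption: secret held by the password vault
DEFAULTS = ("admin", "12345")         # well-known defaults named in the article
MAX_AGE_DAYS = 90                     # assumption: rotation policy, not from the article

def fingerprint(password: str) -> str:
    """Keyed digest, so passwords can be compared without being stored."""
    return hmac.new(AUDIT_KEY, password.encode(), hashlib.sha256).hexdigest()

DEFAULT_FPS = {fingerprint(p) for p in DEFAULTS}

def audit(accounts, today):
    """Return {account name: sorted findings} for a privileged-account inventory."""
    by_fp = defaultdict(list)
    for a in accounts:
        by_fp[a["pw_fp"]].append(a["name"])
    findings = {}
    for a in accounts:
        issues = []
        if a["pw_fp"] in DEFAULT_FPS:
            issues.append("default-password")
        if len(by_fp[a["pw_fp"]]) > 1:          # same password on several accounts
            issues.append("password-reused")
        if len(a["users"]) > 1:                 # more than one person or job uses it
            issues.append("shared-account")
        if (today - a["rotated"]).days > MAX_AGE_DAYS:
            issues.append("stale-password")
        if a["human"] and not a["mfa"]:         # MFA is expected for interactive use
            issues.append("no-mfa")
        if issues:
            findings[a["name"]] = sorted(issues)
    return findings

# Constructed sample inventory (all names, dates and passwords are made up)
INVENTORY = [
    {"name": "root@db01", "human": True, "users": ["alice", "bob"], "mfa": False,
     "rotated": date(2023, 1, 10), "pw_fp": fingerprint("admin")},
    {"name": "svc-backup", "human": False, "users": ["backup-job"], "mfa": False,
     "rotated": date(2024, 5, 1), "pw_fp": fingerprint("constructed-shared-pw")},
    {"name": "admin@fw01", "human": True, "users": ["carol"], "mfa": True,
     "rotated": date(2024, 5, 20), "pw_fp": fingerprint("constructed-shared-pw")},
    {"name": "admin@vault", "human": True, "users": ["dave"], "mfa": True,
     "rotated": date(2024, 5, 25), "pw_fp": fingerprint("constructed-unique-pw")},
]

if __name__ == "__main__":
    for name, issues in audit(INVENTORY, date(2024, 6, 1)).items():
        print(f"{name}: {', '.join(issues)}")
```
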

Article source:
https://www.identitymanagementinstitute.org/privileged-account-management-pam/

About Us


"Longgui Technology" is an enterprise-level information service provider focusing on low-code empowerment. The core founding team is made up of experts from NSFOCUS, Red Hat open source operating system, well-known game Crab Technology, and well-known open source communities.

"Longgui Technology" is committed to enabling every enterprise in China to have its own automated office operating system, helping enterprises and governments embrace a Cloud Native First strategy, and helping customers build a modern IT foundation centered on "identity and application", so as to realize "digital transformation" and "industrialized production of the software industry".

Main product: ArkOS (Ark Operating System), an enterprise-level office automation operating system that, combined with a self-developed low-code application development platform, builds an industrial ecosystem and focuses on creating an integrated full-stack cloud native platform for enterprises and organizations of all kinds. The built-in applications of the system include ArkID unified identity authentication, ArkIDE, ArkPlatform, App Store and other products. Up to now, the company has obtained 15 software copyrights and 2 invention patents, and in November 2020 it was recognized as a national high-tech enterprise in Zhongguancun, Haidian District, Beijing.

Related Links:

Official website: <https://www.longguikeji.com/>

Documentation: <https://docs.arkid.longguikeji.com/>

Open source code repositories:

<https://github.com/longguikeji>

<https://gitee.com/longguikeji>

Origin blog.51cto.com/14685661/2668489